package leap.web.security.csrf;

import leap.core.annotation.Inject;
import leap.lang.intercepting.State;
import leap.web.Request;
import leap.web.Response;
import leap.web.security.SecurityConfig;

/* loaded from: input_file:leap/web/security/csrf/DefaultCsrfHandler.class */
public class DefaultCsrfHandler implements CsrfHandler {

    @Inject
    protected SecurityConfig config;

    @Inject
    protected CsrfManager manager;

    /* loaded from: input_file:leap/web/security/csrf/DefaultCsrfHandler$SaveOnAccessCsrfToken.class */
    protected static class SaveOnAccessCsrfToken extends SimpleCsrfToken {
        private final Request request;
        private final CsrfManager manager;
        private boolean saved;

        public SaveOnAccessCsrfToken(SecurityConfig securityConfig, String str, Request request, CsrfManager csrfManager) {
            super(securityConfig, str, true);
            this.request = request;
            this.manager = csrfManager;
        }

        @Override // leap.web.security.csrf.SimpleCsrfToken, leap.web.security.csrf.CsrfToken
        public String getToken() {
            if (!this.saved) {
                try {
                    this.manager.saveToken(this.request, this.token);
                    this.saved = true;
                } catch (Throwable th) {
                    throw new IllegalStateException("Error saving csrf token , " + th.getMessage(), th);
                }
            }
            return this.token;
        }

        @Override // leap.web.security.csrf.SimpleCsrfToken
        public String toString() {
            return getToken();
        }
    }

    @Override // leap.web.security.csrf.CsrfHandler
    public State handleRequest(Request request, Response response) throws Throwable {
        SimpleCsrfToken simpleCsrfToken;
        if (!this.config.isCsrfEnabled()) {
            return State.CONTINUE;
        }
        String loadToken = this.manager.loadToken(request);
        if (null == loadToken) {
            simpleCsrfToken = new SaveOnAccessCsrfToken(this.config, this.manager.generateToken(request), request, this.manager);
        } else {
            simpleCsrfToken = new SimpleCsrfToken(this.config, loadToken, false);
        }
        CSRF.setGeneratedToken(request, simpleCsrfToken);
        request.setAttribute(this.config.getCsrfParameterName(), simpleCsrfToken);
        return State.CONTINUE;
    }
}
